Commit Graph

509 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
8f7b0009db
version 4.0.1 2017-07-05 20:14:12 +02:00
Marek Marczykowski-Górecki
a2d9303ea9
app: fix policy deny reporting when running in VM
qrexec-client-vm non-zero exit code means policy have denied the call.
Treat this exactly the same as empty response (in dom0 case).
2017-07-05 14:16:31 +02:00
Marek Marczykowski-Górecki
d8f018eb95
tools: clarify help in qvm-template-postprocess 2017-07-05 14:16:31 +02:00
Marek Marczykowski-Górecki
7c9699cd87
tools: split calling qubes.PostInstall service to a separate function
The code is long enough to warrant separate function (suggested by
pylint).
2017-07-05 14:16:31 +02:00
Marek Marczykowski-Górecki
627aebf2cd
tools: remove policy handling from qvm-firewall tool
Follow the API removal

QubesOS/qubes-issues#2869
2017-07-05 14:16:30 +02:00
Marek Marczykowski-Górecki
942e122d27
firewall: drop GetPolicy/SetPolicy calls
Firewall policy is now hardcoded to 'drop'. Keep the property, so anyone
trying to assign it will get an exception

QubesOS/qubes-issues#2869
2017-07-05 14:16:30 +02:00
Marek Marczykowski-Górecki
ade5083e5e
app: do not clone 'uuid' property
Cloned VM have new UUID
2017-07-05 14:16:30 +02:00
Marek Marczykowski-Górecki
c6eb4c49a3
storage: rework clone as two-stage operation
Split clone to two Admin API calls - one to the source volume, then
other to destination.
2017-07-05 14:16:30 +02:00
Marek Marczykowski-Górecki
88de4f77a5
tests: handle returning different response for the same request
Allow programming different responses for the same request when called
multiple times. This is useful for example for shutdown tests - first
domain is running, but after issuing shutdown request is is not.
2017-07-05 14:16:29 +02:00
Marta Marczykowska-Górecka
9174d8c378
added helper function updates_vms_status 2017-06-25 22:09:34 +02:00
Marek Marczykowski-Górecki
5430e04e1c
tools: move event loop creation/closing to main function
Do not close event loop in utility function - handle it only in main().
For this reason, change appropriate functions to coroutines.

Fixes QubesOS/qubes-issues#2865
2017-06-25 20:09:10 +02:00
Marek Marczykowski-Górecki
0012eb3ac6
tools/qvm-template-postprocess: improve error handling
Don't fail the whole process when "just" appmenus import fails.
But if data import fails, remove the VM

Also update for vm.run_service_for_stdio raising CalledProcessError.
2017-06-25 18:22:06 +02:00
Marek Marczykowski-Górecki
ce7d4865b6
events: fix calling mgmt.Events from VM
asyncio.create_subprocess_exec expects program and arguments directly,
not as a list.
2017-06-25 14:01:14 +02:00
Marek Marczykowski-Górecki
c545c95660
tests: fix qvm-run test on travis
stdout there is not a tty, which change default value of filter_esc.
2017-06-25 13:44:17 +02:00
Marek Marczykowski-Górecki
3cf5840d7a
Merge branch 'devel-4'
* devel-4:
  tools/qvm-start-gui: multiple fixes
  vm: raise CalledProcessError instead of QubesVMError on failed service call
  events: improve handling qubesd restart
2017-06-25 13:16:50 +02:00
Marek Marczykowski-Górecki
cef80a76e4
Merge branch 'devel-3'
* devel-3:
  Implement VM clone as create + copy data+metadata
  storage: make Volumes sortable
  base: add PropertyHolder.clone_properties
  doc: minor fixes to man pages
  storage: add volume clone method
  doc: fix skel-manpage tool
  tools: add qvm-tags tool
  tags support
2017-06-25 13:16:22 +02:00
Marek Marczykowski-Górecki
64377207a8
tools/qvm-start-gui: multiple fixes
Don't start GUI daemon for given VM twice when qvm-start-gui was started
during VM startup (while waiting for qrexec startup). This is especially
common while running tests.

Report failed qubes.SetMonitorLayout as warning (instead of unhandled
exception).

Clear VM cache on qubesd reconnect.

Fix logging.
2017-06-21 06:01:53 +02:00
Marek Marczykowski-Górecki
5ac7632dd0
vm: raise CalledProcessError instead of QubesVMError on failed service call
follow core-admin change.
2017-06-21 06:01:53 +02:00
Marek Marczykowski-Górecki
ba2057a2c6
events: improve handling qubesd restart
qubesd may be restarted during different stages of connection - either
while attempting to connect, or while already listening on events.
Adjust exception list accordingly.

This is especially important for qvm-start-gui - otherwise it crashes on
qubesd restart.
2017-06-21 05:03:04 +02:00
Marek Marczykowski-Górecki
bcd026d141
Implement VM clone as create + copy data+metadata
This way we don't need separate admin.vm.Clone call, which is tricky to
handler properly with policy.
A VM may not have access to all the properties and other metadata, so
add ignore_errors argument, for best-effort approach (copy what is
possible). In any case, failure of cloning VM data fails the whole
operation.
When operation fails, VM is removed.

While at it, allow to specify alternative VM class - this allows
morphing one VM into another (for example AppVM -> StandaloneVM).

Adjust qvm-clone tool and tests accordingly.

QubesOS/qubes-issues#2622
2017-06-20 01:34:18 +02:00
Marek Marczykowski-Górecki
a5a459840a
storage: make Volumes sortable
But do not fetch any additional info just for this purpose.
2017-06-20 01:34:18 +02:00
Marek Marczykowski-Górecki
e94bdca206
base: add PropertyHolder.clone_properties
Be compatible with core-admin
2017-06-20 01:34:17 +02:00
Marek Marczykowski-Górecki
12fd4eb035
doc: minor fixes to man pages 2017-06-20 01:34:17 +02:00
Marek Marczykowski-Górecki
998a42703f
storage: add volume clone method
Clone volume without retrieving all the data.

QubesOS/qubes-issues#2622
2017-06-20 01:34:17 +02:00
Marek Marczykowski-Górecki
90141a1bef
doc: fix skel-manpage tool 2017-06-20 01:34:17 +02:00
Marek Marczykowski-Górecki
8e5f90c273
tools: add qvm-tags tool
QubesOS/qubes-issues#2388
2017-06-20 01:34:17 +02:00
Marek Marczykowski-Górecki
31988a9bd8
tags support
QubesOS/qubes-issues#2622
2017-06-20 01:34:16 +02:00
Marek Marczykowski-Górecki
d1b67daa63
tests: basic tests for vm.features 2017-06-14 10:43:52 +02:00
Marek Marczykowski-Górecki
9dd659d60f
tools/qvm_template_postprocess: set vm.features['qrexec']
Enable 'qrexec' VM feature to wait for qrexec initialization - it is
required to call qubes.PostInstall service. If VM start fails, assume
there is no qrexec and drop that feature.
2017-06-14 10:43:52 +02:00
Marek Marczykowski-Górecki
64f7eecf58
features: implement get() method 2017-06-14 10:43:51 +02:00
Marek Marczykowski-Górecki
c07c57bfef
Merge remote-tracking branch 'qubesos/pr/7'
* qubesos/pr/7:
  qvm-ls: hide flags (aka status), get more descriptive
  qvm-ls: fix -O with uppercase names
  vm: fix get_power_state() for dom0
2017-06-08 22:20:31 +02:00
Marek Marczykowski-Górecki
a42dffcb89
Merge branch 'devel-1'
* devel-1:
  toos: fix handling default command (qvm-device, qvm-volume, ...)
  events: fix parsing events with empty parameters
  tools: ignore qvm-template-postprocess calls in chroot
  app: close payload_stream in qubesd_call
2017-06-08 22:18:47 +02:00
Wojtek Porczyk
59eda63923 qvm-ls: hide flags (aka status), get more descriptive
Enterprise™ continues.
2017-06-08 15:03:00 +02:00
Wojtek Porczyk
23fe5e431c qvm-ls: fix -O with uppercase names 2017-06-08 14:27:53 +02:00
Wojtek Porczyk
934f8fcdd9 vm: fix get_power_state() for dom0 2017-06-08 14:27:53 +02:00
Wojtek Porczyk
033125932c qubesadmin/spinner: fix licence 2017-06-08 08:12:58 +02:00
Wojtek Porczyk
57cabc395b qvm-ls: run a spinner while waiting
Since Admin API, qvm-ls takes a long time to complete. Therefore,
Corporate Headquarters commanded that a Enterprise Spinner is to be
implemented and mandated it's use unto us.

We take amusement from its endless gyrations.
2017-06-07 20:59:01 +02:00
Marek Marczykowski-Górecki
a184e35a03
toos: fix handling default command (qvm-device, qvm-volume, ...)
When command isn't specified, command variable is set to None. Lets
handle this situation gracefuly.
2017-05-30 01:41:51 +02:00
Marek Marczykowski-Górecki
065eb036df
events: fix parsing events with empty parameters
Empty parameter value is encoded as b'parameter\0\0', so we can't simply
read the data until b'\0\0', because it isn't necessary event end.
Instead, read event parts separately, according to specification.
2017-05-30 01:31:13 +02:00
Marek Marczykowski-Górecki
96b27fdf14
tools: ignore qvm-template-postprocess calls in chroot
It require qubesd running. Firstboot will take care of it.
2017-05-29 15:20:13 +02:00
Wojtek Porczyk
0a556fad8c app: close payload_stream in qubesd_call
This is to prevent leaking file descriptors.

QubesOS/qubes-issues#2622
2017-05-26 19:09:29 +02:00
Marek Marczykowski-Górecki
2675d63579
tools: add qvm-template-postprocess
Tool to be called from template's rpm post-installation script.
2017-05-26 01:33:43 +02:00
Marek Marczykowski-Górecki
93d7249ef0
Make VMCollection return sorted VM list on iteration
This makes it much easier to write tests...
2017-05-26 00:42:48 +02:00
Marek Marczykowski-Górecki
9cdf9a0e60
tests: fix file descriptor leak 2017-05-26 00:42:48 +02:00
Marek Marczykowski-Górecki
c435de06a1
tests: fix handling TestProcess.communicate(None) 2017-05-26 00:42:48 +02:00
Marek Marczykowski-Górecki
fe51e8862a
Fix qubesadmin/tests/tools/qvm_firewall.py license header 2017-05-26 00:42:48 +02:00
Marek Marczykowski-Górecki
b35588368f
events: add helper for waiting for just VM shutdown
Wrap setting events handling machinery for just this purpose in a single
function, to not duplicate it all over the code.
2017-05-26 00:42:47 +02:00
Marek Marczykowski-Górecki
50237d4953
storage: implement admin.vm.volume.Import as volume.import_data
Use newly introduced payload_stream= argument to qubesd_call to pass
data directly from some file-like object - without loading it all into
memory.

QubesOS/qubes-issues#853
2017-05-26 00:42:47 +02:00
Marek Marczykowski-Górecki
6f99e871cf
Clear VM cache after adding new VM
If cache was already populated, trying to reference newly created VM
would fail as it isn't the cache.
2017-05-26 00:42:47 +02:00
Marek Marczykowski-Górecki
c988ef41a3
Fix setting VM property to None
None value should be encoded as empty string.
2017-05-26 00:42:47 +02:00